ISACA
Overview
Compensation: Pay Range: $126,470 - $205,515/year Benefits available for eligible positions include: 100% tuition assistance, wellness initiatives, generous paid time off, paid parental leave, Public Service Loan Forgiveness Program eligible employer, plus more. UAB Medicine provides a variety of resources to support employees both personally and professionally. UAB Medicine offers a range of benefits and perks and a nationally ranked work environment. Work with the Best at UAB Medicine: UAB Medicine is Alabama's largest single-site employer and operates over 1,200 beds and over 200 clinics in Birmingham, Alabama. When you become part of UAB Medicine, you join a nationally ranked academic medical center committed to education and advancing medical science through research. Our recognition includes U.S. News & World Report Best Hospitals (no. 1 in Alabama) and Forbes No. 1 Best Large Employer (2021), among others. UAB Medicine emphasizes a supportive and inclusive culture and offers avenues for advancement that align with career goals. Duties
To independently employ a broad knowledge of principles, practices, and procedures in a particular field of specialization to plan, design, develop and support systems and projects. To conduct research and analysis and present findings for review. To carry out complex assignments requiring the development of new or improved techniques and procedures. This position will commit to fostering an environment of heightened security following Information Technology Security Policies and participating in security training, such as HIPAA and FERPA, on an annual basis. Qualifications
Bachelor's degree in Information Systems or a related field and six (6) years of related experience required. Work experience may substitute for education requirement. Certified Information Systems Security Professional (CISSP) certification preferred. Preferred Skills
One of the following certifications preferred: CISSP, CCNA, CEH, OSCP, GPEN Experience with 1 or more items in a Healthcare setting (preferred): Network Security: Working knowledge of TCP/IP, HTTP, SSL, SSH and other networking protocols; Managing network security tools such as IPS, Firewall, SASE; Reviewing firewall requests to determine risk to organization; Managing network configuration tools Cloud Security: Data protection policies; CASB Administration; Baseline Configuration (Conditional Access policies, NIST, CIS BENCHMARKS); Support the development and execution of enterprise-wide Cloud security program Application Security: Managing application security scanners (DAST, SAST); Familiarity with software security frameworks (OWASP, NIST, BSIMM, OpenSAMM); Experience performing application security assessments that involve threat modeling and security testing Security Architecture: Performing technical risk assessments on new and existing systems; Providing security configuration recommendations to network and infrastructure architects; Developing security policies for cloud infrastructure; Assisting with the implementation of a cybersecurity framework (NIST CSF, CIS top 20, etc.) IoT Risk management: Maintaining passive scanners to discover IoT and biomedical devices on the network; Referencing MDS2 documents from vendors to determine risk; Providing remediation plans for biomedical device vulnerabilities; Providing architecture guidance on implementation of medical devices; Contribute to maintaining medical device asset inventory and security information Job: Information Technology
#J-18808-Ljbffr
Compensation: Pay Range: $126,470 - $205,515/year Benefits available for eligible positions include: 100% tuition assistance, wellness initiatives, generous paid time off, paid parental leave, Public Service Loan Forgiveness Program eligible employer, plus more. UAB Medicine provides a variety of resources to support employees both personally and professionally. UAB Medicine offers a range of benefits and perks and a nationally ranked work environment. Work with the Best at UAB Medicine: UAB Medicine is Alabama's largest single-site employer and operates over 1,200 beds and over 200 clinics in Birmingham, Alabama. When you become part of UAB Medicine, you join a nationally ranked academic medical center committed to education and advancing medical science through research. Our recognition includes U.S. News & World Report Best Hospitals (no. 1 in Alabama) and Forbes No. 1 Best Large Employer (2021), among others. UAB Medicine emphasizes a supportive and inclusive culture and offers avenues for advancement that align with career goals. Duties
To independently employ a broad knowledge of principles, practices, and procedures in a particular field of specialization to plan, design, develop and support systems and projects. To conduct research and analysis and present findings for review. To carry out complex assignments requiring the development of new or improved techniques and procedures. This position will commit to fostering an environment of heightened security following Information Technology Security Policies and participating in security training, such as HIPAA and FERPA, on an annual basis. Qualifications
Bachelor's degree in Information Systems or a related field and six (6) years of related experience required. Work experience may substitute for education requirement. Certified Information Systems Security Professional (CISSP) certification preferred. Preferred Skills
One of the following certifications preferred: CISSP, CCNA, CEH, OSCP, GPEN Experience with 1 or more items in a Healthcare setting (preferred): Network Security: Working knowledge of TCP/IP, HTTP, SSL, SSH and other networking protocols; Managing network security tools such as IPS, Firewall, SASE; Reviewing firewall requests to determine risk to organization; Managing network configuration tools Cloud Security: Data protection policies; CASB Administration; Baseline Configuration (Conditional Access policies, NIST, CIS BENCHMARKS); Support the development and execution of enterprise-wide Cloud security program Application Security: Managing application security scanners (DAST, SAST); Familiarity with software security frameworks (OWASP, NIST, BSIMM, OpenSAMM); Experience performing application security assessments that involve threat modeling and security testing Security Architecture: Performing technical risk assessments on new and existing systems; Providing security configuration recommendations to network and infrastructure architects; Developing security policies for cloud infrastructure; Assisting with the implementation of a cybersecurity framework (NIST CSF, CIS top 20, etc.) IoT Risk management: Maintaining passive scanners to discover IoT and biomedical devices on the network; Referencing MDS2 documents from vendors to determine risk; Providing remediation plans for biomedical device vulnerabilities; Providing architecture guidance on implementation of medical devices; Contribute to maintaining medical device asset inventory and security information Job: Information Technology
#J-18808-Ljbffr